diff --git a/Gemfile b/Gemfile
index 1000c422da9238e5eb92e6e4d3afabf720f8a7ef..aa5951a1f5a7970a5c79bb3b389fe14a281681b5 100644
--- a/Gemfile
+++ b/Gemfile
@@ -203,6 +203,12 @@ gem "minitest"
 
 gem "versionist", "1.5.0"
 
+# Prevent accidental upgrades of thor
+# TODO: remove this when either all gems depending on thor have fixed the warnings
+#       or thor released a version where they are clearly marked as warnings
+# see: https://github.com/erikhuda/thor/issues/538
+gem "thor", "0.19.1"
+
 # Windows and OSX have an execjs compatible runtime built-in, Linux users should
 # install Node.js or use "therubyracer".
 #
diff --git a/Gemfile.lock b/Gemfile.lock
index 06cde3e125c068d5d02e8ef0627772e9043feed4..562226990878184a1aee8679273612216c7c2ebc 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -715,7 +715,7 @@ GEM
       unicode-display_width (~> 1.1.1)
     test_after_commit (1.1.0)
       activerecord (>= 3.2)
-    thor (0.19.4)
+    thor (0.19.1)
     thread_safe (0.3.6)
     tilt (1.4.1)
     timecop (0.8.1)
@@ -913,6 +913,7 @@ DEPENDENCIES
   spring-commands-rspec (= 1.0.4)
   string-direction (= 1.2.0)
   test_after_commit (= 1.1.0)
+  thor (= 0.19.1)
   timecop (= 0.8.1)
   turbo_dev_assets (= 0.0.2)
   twitter (= 6.1.0)